Vulnerabilities > Download of Code Without Integrity Check
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-23 | CVE-2023-4041 | Download of Code Without Integrity Check vulnerability in Silabs Gecko Bootloader 4.3.0/4.3.1 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader. | 9.8 |
| 2023-08-11 | CVE-2023-40254 | Download of Code Without Integrity Check vulnerability in Genians Genian NAC and Genian Ztna Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15. | 9.8 |
| 2023-06-08 | CVE-2023-29401 | Download of Code Without Integrity Check vulnerability in Gin-Gonic GIN The filename parameter of the Context.FileAttachment function is not properly sanitized. | 4.3 |
| 2023-04-11 | CVE-2023-22635 | Download of Code Without Integrity Check vulnerability in Fortinet Forticlient A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate their privileges via modifying the installer upon upgrade. | 7.8 |
| 2023-04-02 | CVE-2023-27025 | Download of Code Without Integrity Check vulnerability in Ruoyi An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server. | 7.5 |
| 2023-02-02 | CVE-2023-23110 | Download of Code Without Integrity Check vulnerability in Netgear products An exploitable firmware modification vulnerability was discovered in certain Netgear products. | 7.4 |
| 2022-12-26 | CVE-2022-24117 | Download of Code Without Integrity Check vulnerability in GE products Certain General Electric Renewable Energy products download firmware without an integrity check. | 9.8 |
| 2022-12-20 | CVE-2022-46428 | Download of Code Without Integrity Check vulnerability in Tp-Link Tl-Wr1043Nd V1 Firmware TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | 4.8 |
| 2022-12-20 | CVE-2022-46430 | Download of Code Without Integrity Check vulnerability in Tp-Link products TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | 4.8 |
| 2022-12-08 | CVE-2022-4261 | Download of Code Without Integrity Check vulnerability in Rapid7 Insightvm Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. | 6.5 |